Vulnerabilities (CVE)

Filter

9655 total CVE
CVE Vendors Products Updated CVSS
CVE-2014-9418 1 Huawei 1 Espace Desktop 2019-05-20 2.1
The eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors.
CVE-2014-9417 1 Huawei 1 Espace Desktop 2019-05-20 2.1
The Meeting component in Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted image.
CVE-2014-9415 1 Huawei 1 Espace Desktop 2019-05-20 1.9
Huawei eSpace Desktop before V100R001C03 allows local users to cause a denial of service (program exit) via a crafted QES file.
CVE-2019-12184 1 Boostio 1 Boostnote 2019-05-20 3.5
There is XSS in browser/components/MarkdownPreview.js in BoostIO Boostnote 0.11.15 via a label named flowchart, sequence, gallery, or chart, as demonstrated by a crafted SRC attribute of an IFRAME element, a different vulnerability than CVE-2019-12136.
CVE-2019-0864 1 Microsoft 1 .net Framework 2019-05-20 2.1
A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'.
CVE-2019-0979 1 Microsoft 2 Team Foundation Server, Azure Devops Server 2019 2019-05-20 3.5
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE...
CVE-2019-11884 1 Linux 1 Linux Kernel 2019-05-20 2.1
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end...
CVE-2018-15594 3 Canonical, Debian, Linux 3 Ubuntu Linux, Debian Linux, Linux Kernel 2019-05-20 2.1
arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.
CVE-2019-0976 1 Microsoft 1 Nuget 2019-05-20 2.1
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default ), aka 'NuGet Package Manager Tampering Vulnerability'.
CVE-2019-0872 1 Microsoft 2 Team Foundation Server, Azure Devops Server 2019 2019-05-20 3.5
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE...
CVE-2019-0950 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2019-05-20 3.5
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from...
CVE-2019-0949 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2019-05-20 3.5
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from...
CVE-2019-0942 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-05-20 2.1
An elevation of privilege vulnerability exists in the Unified Write Filter (UWF) feature for Windows 10 when it improperly restricts access to the registry, aka 'Unified Write Filter Elevation of Privilege Vulnerability'.
CVE-2019-10909 2 Drupal, Sensiolabs 2 Drupal, Symfony 2019-05-20 3.5
In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, validation messages are not escaped, which can lead to XSS when user input is included. This is related to symfony/framework-bundle.
CVE-2019-1808 1 Cisco 1 Nx-os 2019-05-20 2.1
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability...
CVE-2019-0951 1 Microsoft 1 Sharepoint Foundation 2019-05-17 3.5
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from...
CVE-2019-5932 1 Cybozu 1 Garoon 2019-05-17 3.5
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Portal'.
CVE-2019-5937 1 Cybozu 1 Garoon 2019-05-17 3.5
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the user information.
CVE-2019-5947 1 Cybozu 1 Garoon 2019-05-17 3.5
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 allows remote authenticated attackers to inject arbitrary web script or HTML via the application 'Cabinet'.
CVE-2019-0886 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-05-17 2.7
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.